Subject: Re: Can You Prevent Some Users From Telneting to their Accounts?
From: Dennis Murphy (dmurphy@leguin.montclair.edu)
Date: Sun Oct 17 1999 - 23:40:52 MDT
It's very easy, actually.
Just change their shell in /etc/passwd to something else, like /bin/false
For example, change:
dmurphy:x:500:500:Dennis Murphy:/home/dmurphy:/bin/bash
to:
dmurphy:x:500:500:Dennis Murphy:/home/dmurphy:/bin/false
Please note that this also prevents them from using FTP - if their shell
(in this case, /bin/false) isn't listed in /etc/shells, then FTP won't
work.
I use something a bit fancier -- I wrote a shellscript that I use as some
users' shell. Basically, their /etc/passwd entry looks like:
dmurphy:x:500:500:Dennis Murphy:/home/dmurphy:/usr/local/bin/mailshell
Here is /usr/local/bin/mailshell:
#! /bin/sh
trap exit 1 2 24
WHOAMI=`id`
echo "******************************"
echo "* Your account is configured *"
echo "* for mail access only. You *"
echo "* may only connect using IMAP*"
echo "* services. If you feel this*"
echo "* is an error, please e-mail *"
echo "* admin@leguin.montclair.edu *"
echo "******************************"
echo " -Thank you."
echo
echo "Login attempted on mail account: $WHOAMI,`date`"|mail root
exit
---Not only does this prevent them from logging in, but it e-mails me every time they try. I also use a modified version of this for "deleted" accounts.
Please let me know if this has been of any help! Thanks!
--- Dennis Murphy
On Sun, 17 Oct 1999, Bill Colston wrote:
> I unable to discover a way to prevent certain users from telneting into > their accounts. I was hoping there was a simple way to do this, something > like the ftpusers file that can be used to prevent some users from using > ftp with their accounts. I have checked the archives and nothing seems to > cover this. > > Any help would be most apppreciated. > > Many Thanks, > > Bill > >
This archive was generated by hypermail 2a24 : Tue Nov 02 1999 - 16:20:58 MST